Exam CAS-004
Question 309

A company is designing a new system that must have high security. This new system has the following requirements:

• Permissions must be assigned based on role.

• Fraud from a single person must be prevented.

• A single entity must not have full access control.

Which of the following can the company use to meet these requirements?

    Correct Answer: B

    The company should use Separation of Duties to meet the specified requirements. Separation of Duties ensures that permissions and responsibilities are divided among multiple individuals or roles, which addresses the need to assign permissions based on role. It also prevents fraud from a single person by ensuring that no single individual has control over all aspects of a process, thereby mitigating the risk of fraudulent activities. Moreover, this approach ensures that a single entity does not have full access control, as critical tasks and permissions are distributed among different individuals or roles.

Discussion
CXSSP Option: B

B. Separation of duties

The company can use the concept of Separation of Duties to meet these requirements. Here's how each requirement aligns with Separation of Duties:

• Permissions based on role: Separation of Duties ensures that permissions and responsibilities are divided among multiple individuals or roles. This means that different roles will have different sets of permissions based on their responsibilities.

• Preventing fraud from a single person: By separating critical tasks or functions, it becomes more difficult for a single individual to carry out fraudulent activities without detection. This helps to mitigate the risk of fraud.

• Preventing a single entity from having full access control: Separation of Duties ensures that no single entity or individual has full control or authority over all aspects of a system or process. This reduces the risk of misuse or abuse of privileges.

EAlonso Option: B

B. Agree, it implies all the requirements.

Uncle_Lucifer Option: B

Separation of duties for sure!